- Am I overreacting to a Facebook message from a dating app match? 5 Years Ago
- Buttigieg, Klobuchar come together to laugh at Bloomberg Wednesday 10:29 PM
- Bernie Sanders calls Bloomberg’s wealth ‘grotesque’ to his face Wednesday 9:53 PM
- Angry Bloomberg asks debate moderators if he’s ‘chicken liver’ Wednesday 9:29 PM
- Elizabeth Warren savages everyone else’s healthcare plan Wednesday 9:07 PM
- K-Pop stans help push ‘Pooping for Kaitlin’ hashtag mocking Kent State gun girl Wednesday 8:54 PM
- Fans speculate after learning Pop Smoke posted address prior to fatal home invasion Wednesday 8:11 PM
- Jar of human tongues found in Florida has people shook Wednesday 6:39 PM
- Video of Blueface teaching Obama lookalike to dance is turning heads Wednesday 5:58 PM
- ‘No one has the range’ for this meme Wednesday 5:21 PM
- Mom confronts man who followed daughter through grocery store in viral video Wednesday 5:05 PM
- Major study linking vaping to heart attacks gets retracted Wednesday 4:36 PM
- George Zimmerman is suing Pete Buttigieg, Elizabeth Warren Wednesday 2:55 PM
- Netflix’s ‘Horse Girl’ accused of ripping off 2017 indie film Wednesday 2:52 PM
- The Genyus Network is a safe social space for stroke survivors Wednesday 2:20 PM
Hackers hit CurrentC, Apple Pay’s main competitor
This isn’t a good sign, except maybe for Apple.
CurrentC, the mobile payment service that is challenging Apple Pay with funding from the largest U.S. retailers, has already been hacked, according to the Merchant Customer Exchange (MCX).
In an email sent on Wednesday to participants in CurrentC’s pilot program, MCX said unauthorized third parties had obtained the e-mail address of CurrentC users, though no other information was taken. The email also warned recipients of possible phishing attempts stemming from the theft.
“In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties,” MCX said. According to Mashable, MCX claims that the CurrentC app itself was not affected.
CurrentC, which is now in the beta-testing phase, uses QR codes to process payments at the register, unlike Apple Pay, which uses near-field communication (NFC) technology. Tech-watchers have raised questions about the wisdom of generating QR codes that link to consumers’ bank accounts, as CurrentC does. Apple Pay’s NFC system, meanwhile, is said to be more secure because it uses tokenization, replacing credit card information with a different number, called a token, generated by a secured cryptographic function.
Screengrab via CurrentC app
Analysts anticipate that CurrentC, which is set to launch in 2015, will see widespread use in the United States. Participating retailers are already taking steps to prevent their customers from using Apple Pay. Last week, Rite Aid and CVS, both members of the MCX consortium, disabled Apple Pay-compatible NFC equipment in their stores.
According to Business Insider, neither pharmacy will allow customers to use Google Wallet either, even though Google’s mobile payment system has been around for over two years.
— Adam (@Afbar1114) October 29, 2014
Unnamed sources at multiple MCX retailers told the New York Times this week that they signed a contract with MCX and faced “steep fines” for accepting mobile payments from CurrentC competitors such as Apple Pay.
MCX denied the existence of any such fines and claimed that retailers are simply not allowed to use their service and accept Apple Pay. “When merchants choose to work with MCX, they choose to do so exclusively and we’re proud of the long list of merchants who have partnered with us,” MCX said on its website.
“Importantly, if a merchant decides to stop working with MCX, there are no fines” (emphasis in original).
MCX counts among its members some of the nation’s largest retailers, many of whom have already fallen victim to cyberattacks targeting point-of-sale (POS) systems, including WalMart, Target, GAP, and Best Buy.
Update 6pm ET, 10.29.14: MCX CEO Dekkers Davidson defended CurrentC’s security during a conference call late Wednesday afternoon. He emphasized that the recent attack was “not a breach” of the CurrentC app itself and added that mostly dummy email addresses were affected. Moreover, Davidson repeated that MCX member retailers would not be penalized for adopting Apple Pay alongside CurrentC. “We have a great deal of respect for Apple, of course, and Apple Pay,” Davidson said. “We believe and our merchants believe we require two to three strong players in the space to build the ecosystem.” (h/t TIME)
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.